Cyber crime is a booming business for criminals. Businesses of all sizes are being targeted by scams ranging from tech support scams and 401(k) disbursement scams to phishing attacks. Crime as a Service (CaaS) lets criminals purchase ready-made software and services, which lowers the bar for entry into cyber crime: someone lacking technical knowledge can buy the tools to carry out an attack, and unsophisticated criminals gain access to harmful technology they could not have built themselves.
New and emerging trends in cyber crime have changed the landscape for several crime policy coverages:
- Social engineering fraud
- Business email compromise/e-mail account compromise
- Payroll diversion phishing attacks
- 401(k) disbursement scams
- Telecommunications fraud
- Computer fraud
- Gift card scams
Recent cyber phishing scam, claim handled by Chubb Insurance:
A financial institution recently became the victim of an e-mail phishing attack targeted against its employees. As a result of the attack, more than 400 employee e-mail accounts were compromised. The organization retained a forensic firm to investigate the extent of the breach, as well as an incident response coach. Data mining and a review of what information was compromised is ongoing. This initial phase of the incident response will cost more than $1.5M for both the coach and forensic firm. Once this review is complete, there will be an assessment as to whether notification and credit monitoring services are necessary.
The evolving crime and cyber environment has created a need to coordinate coverage between the cyber policy and the crime policy. Traditionally:
- Crime is theft of money
- Cyber is theft of data
As the lines of coverage begin to blur, cyber liability carriers are adding grants of coverage for cyber crime and crime markets are evolving as well.
Where the two policies duplicate coverage, it is important to coordinate the “Other Insurance” provision in both so that, in the event of a claim, it is clear which policy is primary and which is excess. Every organization should work with its insurance broker to evaluate potential gaps and overlaps in coverage.
How to protect your organization from phishing attacks:
- Turn on two-factor authentication for external access to all applications. If that is not feasible, enable it for the particularly sensitive ones, such as e-mail, 401(k) administrators, payroll or benefits providers, remote desktop protocol, and virtual private networks. Audit recent changes to the following and confirm each change with the employee over the phone or in person:
  - Direct deposit account changes for issuing payroll
  - 401(k) disbursements
- Educate and train employees about phishing. Consider simulated anti-phishing campaigns for your organization.
- Enforce strong password policies. Educate employees on the risks of reusing passwords.
- If your e-mail system permits, set up alerts whenever new forwarding rules are created, so that messages cannot be secretly diverted.
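The forwarding-rule alert in the last item can be automated by scanning the mailbox audit log for rule changes that forward, redirect or delete mail. The script below is an added example and is not code from the original post or from any vendor named on the page. It assumes a constructed JSON-lines audit export whose records carry an operation name plus a list of parameter name/value pairs; the operation and parameter names (`New-InboxRule`, `Set-InboxRule`, `Set-Mailbox`, `ForwardTo`, `RedirectTo`, `ForwardingSmtpAddress`, `DeleteMessage`) follow the Exchange cmdlets, but the record layout, the sample events and the internal domain `example.com` are assumptions to adapt to your own platform's export.

```python
"""Flag mailbox rule changes that forward, redirect or delete mail.

Added example, not from the original post. The audit record layout below is
a constructed, simplified approximation of a mailbox audit event; adapt the
field names to your own e-mail platform's audit export before use.
"""
import json

# Operations that create or modify rules / mailbox forwarding (Exchange
# cmdlet names). Assumption: your platform logs rule changes under these.
RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule", "Set-Mailbox"}

# Parameters that move a copy of mail out of the mailbox.
FORWARD_PARAMS = {"ForwardTo", "ForwardAsAttachmentTo", "RedirectTo",
                  "ForwardingSmtpAddress", "ForwardingAddress"}

# Domains considered internal; anything else is treated as external.
# Assumption for the example.
INTERNAL_DOMAINS = {"example.com"}

# Constructed sample of four audit events (JSON lines): a hidden rule that
# forwards externally and deletes, a benign move-to-folder rule, an
# internal mailbox forward, and an unrelated sign-in event.
SAMPLE_LOG = r'''
{"CreationTime": "2024-05-01T08:12:03", "Operation": "New-InboxRule", "UserId": "alice@example.com", "Parameters": [{"Name": "Name", "Value": "."}, {"Name": "ForwardTo", "Value": "collector@mail-drop.test"}, {"Name": "DeleteMessage", "Value": "True"}]}
{"CreationTime": "2024-05-01T09:30:41", "Operation": "Set-InboxRule", "UserId": "bob@example.com", "Parameters": [{"Name": "Name", "Value": "Projects"}, {"Name": "MoveToFolder", "Value": "Projects"}]}
{"CreationTime": "2024-05-01T10:02:17", "Operation": "Set-Mailbox", "UserId": "carol@example.com", "Parameters": [{"Name": "ForwardingSmtpAddress", "Value": "smtp:dave@example.com"}]}
{"CreationTime": "2024-05-01T10:05:00", "Operation": "UserLoggedIn", "UserId": "alice@example.com", "Parameters": []}
'''


def is_external(address):
    """True if the address's domain is not one of ours."""
    addr = address.strip().lower()
    if addr.startswith("smtp:"):          # Exchange prefixes SMTP targets
        addr = addr[len("smtp:"):]
    if "@" not in addr:                   # a contact/display name, not routable
        return False
    return addr.rsplit("@", 1)[1] not in INTERNAL_DOMAINS


def assess(record):
    """Return an alert dict for a suspicious rule change, else None."""
    if record.get("Operation") not in RULE_OPERATIONS:
        return None
    params = {p["Name"]: str(p.get("Value", ""))
              for p in record.get("Parameters", [])}
    findings, high = [], False

    # Any forwarding/redirect target; external targets raise severity.
    for name in sorted(FORWARD_PARAMS & params.keys()):
        for target in params[name].split(";"):
            target = target.strip()
            if not target:
                continue
            scope = "external" if is_external(target) else "internal"
            high = high or scope == "external"
            findings.append(f"{name} -> {target} ({scope})")

    # Rules that delete after forwarding hide the diversion from the user.
    if params.get("DeleteMessage", "").lower() == "true":
        findings.append("DeleteMessage=True")
        high = True

    # A rule named only with punctuation is easy to overlook in the client.
    if "Name" in params and not params["Name"].strip(" .,-_"):
        findings.append("rule name is punctuation only")

    if not findings:
        return None
    return {"time": record.get("CreationTime"), "user": record.get("UserId"),
            "operation": record["Operation"],
            "severity": "high" if high else "medium", "findings": findings}


def scan(log_text):
    """Parse JSON lines and return the list of alerts, in log order."""
    alerts = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue                      # skip malformed lines, keep going
        alert = assess(record)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"[{a['severity']}] {a['time']} {a['user']} {a['operation']}: "
              + "; ".join(a["findings"]))
```

Run as-is, the sample produces two alerts: a high-severity one for the hidden rule that forwards to an external address and deletes the original, and a medium-severity one for the internal mailbox forward, which still deserves a confirmation call to the mailbox owner. In practice the scan would run on each new audit export and send the alerts to the help desk or SIEM rather than print them.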
Because the threat landscape changes so rapidly, cyber insurance policies should also be evaluated critically each year, and it is important to work with a cyber broker that understands the difference between cyber and crime coverage. If you have questions about which policy should respond, or whether you have adequate cyber coverage, please contact me to discuss further.
Sources: (Europol, Krebs on Security, Chubb, Beazley, justice.gov, ic3.gov)
Note: This communication is for informational purposes only. Although every reasonable effort is made to present current and accurate information, Oswald makes no guarantees of any kind and cannot be held liable for any outdated or incorrect information. View our communications policy.